Problem with ping and packets


(Matejoos) #1

Hello. I'm specifically asking for help. Here is a log from HijackThis. Could someone who knows their stuff take a look and tell me whether I have some junk that is weighing down my internet connection? Thanks in advance :)

http://wklejto.pl/txt54516

Edit: Sorry for the mistakes. More precisely, it's about these packets and the terribly high ping. The connection is a radio link, so I understand a jumpy ping, but what is happening now is too much.


(Gutek) #2

Follow this topic and change the topic title to something specific.

Regards, Gutek

Show a log from: OTL

In it, switch Processes and Modules to All and paste into the lower white box, Custom Scans/Fixes:

Click Run Scan. - otl-gmer-rsit-dds-inne-instrukcje-t370405.html


(Matejoos) #3

Hello again. Here is the log from OTL

http://wklejto.pl/txt54519

I corrected the topic title, but I'm not sure whether I'm pasting the logs the right way.

If something is wrong, please let me know.

Regards

Edit

I'll add that I mean high pings in games. The lost packets annoy me in particular.

Today I played around in the registry for a while. It looks a bit better, but see whether anything shows up in the logs.


(jessica) #4

Run OTL and paste this into the Custom Scans/Fixes window:

Click Run Fix. Confirm the computer restart.

Then run OTL again, this time click "Run Scan".

Show the new OTL.txt log and the log from the removal.

This infection often infects some system file, so if the removal does not improve the situation, you will also provide a log from ComboFix - ComboFix can detect which system file is infected.

jessi


(Matejoos) #5

OK, so: I did what you wrote. After the computer restarted, this popped up:

All processes killed

========== OTL ==========

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\raw32.dll moved successfully.

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\raw32.exe moved successfully.

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\smgr32.exe moved successfully.

C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\svmgr.exe moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^raw32.dll\ deleted successfully.

C:\WINDOWS\pss\raw32.dllStartup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^raw32.exe\ deleted successfully.

C:\WINDOWS\pss\raw32.exeStartup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^smgr32.exe\ deleted successfully.

C:\WINDOWS\pss\smgr32.exeStartup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^Administrator^Menu Start^Programy^Autostart^svmgr.exe\ deleted successfully.

C:\WINDOWS\pss\svmgr.exeStartup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpFolder\C:^Documents and Settings^All Users^Menu Start^Programy^Autostart^Digital Line Detect.lnk\ deleted successfully.

C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup moved successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\CTFMON.EXE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\HotKeysCmds\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\IgfxTray\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\KernelFaultCheck\ deleted successfully.

========== COMMANDS ==========


[EMPTYTEMP]


User: Administrator

->Temp folder emptied: 13360209 bytes

->Temporary Internet Files folder emptied: 1219912 bytes

->Java cache emptied: 350220 bytes

->FireFox cache emptied: 104557158 bytes


User: All Users


User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 67 bytes


User: LocalService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 32902 bytes


User: NetworkService

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 402 bytes


%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 2114584 bytes

%systemroot%\System32 .tmp files removed: 2596 bytes

%systemroot%\System32\dllcache .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 191528 bytes

RecycleBin emptied: 0 bytes


Total Files Cleaned = 116,00 mb



OTL by OldTimer - Version 3.1.25.2 log created on 01192010_110543


Files\Folders moved on Reboot...


Registry entries deleted on Reboot...

And here is the log from OTL

OTL logfile created on: 2010-01-19 11:11:02 - Run 2

OTL by OldTimer - Version 3.1.25.2 Folder = C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie

Windows XP Professional Edition Dodatek Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd


510,00 Mb Total Physical Memory | 294,00 Mb Available Physical Memory | 58,00% Memory free

1,00 Gb Paging File | 1,00 Gb Available in Paging File | 86,00% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]


%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 7,81 Gb Total Space | 4,46 Gb Free Space | 57,04% Space Free | Partition Type: NTFS

Drive D: | 29,45 Gb Total Space | 26,15 Gb Free Space | 88,81% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded


Computer Name: DOM-C24212177EB

Current User Name: Administrator

Logged in as Administrator.


Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard


[color=#E56717]========== Processes (All) ==========[/color]


PRC - [2010-01-18 16:48:27 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe

PRC - [2010-01-10 12:54:07 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2009-11-25 11:01:21 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe

PRC - [2008-01-21 08:56:32 | 00,065,536 | ---- | M] (France Telecom SA) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

PRC - [2004-08-04 13:00:00 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2004-08-04 13:00:00 | 00,504,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe

PRC - [2004-08-04 13:00:00 | 00,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe

PRC - [2004-08-04 13:00:00 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe

PRC - [2004-08-04 13:00:00 | 00,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe

PRC - [2004-08-04 13:00:00 | 00,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe

PRC - [2004-08-04 13:00:00 | 00,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe

PRC - [2004-08-04 13:00:00 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]

PRC - [2004-08-04 13:00:00 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]

PRC - [2004-08-04 13:00:00 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe

PRC - [2004-08-04 13:00:00 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe

PRC - [2004-08-04 13:00:00 | 00,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe



[color=#E56717]========== Modules (All) ==========[/color]


MOD - [2010-01-18 16:48:27 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Moje dokumenty\Pobieranie\OTL.exe

MOD - [2004-08-04 13:00:00 | 08,412,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll

MOD - [2004-08-04 13:00:00 | 01,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll

MOD - [2004-08-04 13:00:00 | 01,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

MOD - [2004-08-04 13:00:00 | 01,012,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll

MOD - [2004-08-04 13:00:00 | 00,996,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll

MOD - [2004-08-04 13:00:00 | 00,729,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll

MOD - [2004-08-04 13:00:00 | 00,716,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll

MOD - [2004-08-04 13:00:00 | 00,686,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll

MOD - [2004-08-04 13:00:00 | 00,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll

MOD - [2004-08-04 13:00:00 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll

MOD - [2004-08-04 13:00:00 | 00,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll

MOD - [2004-08-04 13:00:00 | 00,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll

MOD - [2004-08-04 13:00:00 | 00,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll

MOD - [2004-08-04 13:00:00 | 00,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll

MOD - [2004-08-04 13:00:00 | 00,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll

MOD - [2004-08-04 13:00:00 | 00,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll

MOD - [2004-08-04 13:00:00 | 00,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll

MOD - [2004-08-04 13:00:00 | 00,146,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv

MOD - [2004-08-04 13:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll

MOD - [2004-08-04 13:00:00 | 00,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll

MOD - [2004-08-04 13:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll

MOD - [2004-08-04 13:00:00 | 00,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll

MOD - [2004-08-04 13:00:00 | 00,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll



[color=#E56717]========== Win32 Services (SafeList) ==========[/color]


SRV - [2010-01-12 23:09:00 | 03,395,532 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)

SRV - [2009-11-25 11:01:21 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009-09-25 12:42:14 | 00,362,408 | ---- | M] (Dell Inc.) [Disabled | Stopped] -- C:\Program Files\Dell\OpenManage\Client\Iap.exe -- (Iap)

SRV - [2008-01-21 08:56:32 | 00,065,536 | ---- | M] (France Telecom SA) [Auto | Running] -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe -- (FTRTSVC)

SRV - [2005-11-14 01:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)



[color=#E56717]========== Driver Services (SafeList) ==========[/color]


DRV - [2009-12-09 19:30:31 | 00,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)

DRV - [2009-09-25 11:53:42 | 00,020,480 | R--- | M] (Dell Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)

DRV - [2008-12-26 12:56:04 | 00,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)

DRV - [2008-01-21 08:56:38 | 00,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)

DRV - [2008-01-21 08:56:38 | 00,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)

DRV - [2007-11-13 23:29:23 | 00,051,968 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)

DRV - [2007-11-13 23:29:23 | 00,008,064 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)

DRV - [2007-11-13 23:29:22 | 00,095,744 | R--- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)

DRV - [2007-10-25 18:31:08 | 00,616,064 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)

DRV - [2004-08-04 13:00:00 | 00,027,440 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2004-08-04 13:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2004-06-10 15:31:20 | 00,135,168 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\UNDPX2A.exe -- (UNDPX2A)

DRV - [2004-02-10 12:17:06 | 00,681,469 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)

DRV - [2003-07-11 10:58:42 | 00,121,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1000325.sys -- (E1000) Intel(R)

DRV - [2003-02-28 09:17:18 | 00,545,024 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smwdm.sys -- (smwdm)

DRV - [2002-04-01 13:15:00 | 00,004,816 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aeaudio.sys -- (aeaudio)



[color=#E56717]========== Standard Registry (SafeList) ==========[/color]



[color=#E56717]========== Internet Explorer ==========[/color]


IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[color=#E56717]========== FireFox ==========[/color]


FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-10 12:54:14 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-10 12:54:13 | 00,000,000 | ---D | M]


[2009-11-22 14:05:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Extensions

[2009-11-22 14:05:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Dane aplikacji\Mozilla\Firefox\Profiles\d3ulysch.default\extensions

[2010-01-18 17:14:45 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2009-11-03 02:54:10 | 00,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml

[2009-11-03 02:54:10 | 00,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml

[2009-11-03 02:54:10 | 00,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml

[2009-11-03 02:54:10 | 00,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml

[2009-11-03 02:54:10 | 00,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml

[2009-11-03 02:54:10 | 00,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml


O1 HOSTS File: ([2004-08-04 13:00:00 | 00,000,742 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.23.197.1 10.0.0.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-11-22 11:25:49 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [NTFS]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*


[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]


[2010-01-19 11:05:43 | 00,000,000 | ---D | C] -- C:\_OTL

[2010-01-18 14:07:42 | 00,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe

[2010-01-18 14:07:40 | 00,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE

[2010-01-18 13:56:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2010-01-17 17:17:40 | 00,094,208 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\w32n50.dll

[2010-01-17 17:17:40 | 00,034,688 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcampr5.sys

[2010-01-17 17:17:40 | 00,032,128 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\pcandis5.sys

[2010-01-17 17:16:02 | 00,000,000 | ---D | C] -- C:\Program Files\OrangeBS

[2010-01-16 15:54:42 | 00,000,000 | ---D | C] -- C:\Program Files\mIRC

[2010-01-16 15:54:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\mIRC

[2010-01-16 15:37:59 | 00,000,000 | ---D | C] -- C:\Program Files\Network Stumbler

[2010-01-15 19:03:43 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent

[2010-01-15 14:40:52 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll

[2010-01-15 14:40:52 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll

[2010-01-15 14:40:51 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll

[2010-01-15 14:40:50 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll

[2010-01-15 14:40:50 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll

[2010-01-15 14:40:50 | 00,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll

[2010-01-15 14:40:49 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll

[2010-01-15 14:40:49 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll

[2010-01-15 14:40:49 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll

[2010-01-15 14:40:48 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll

[2010-01-15 14:40:48 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll

[2010-01-15 14:40:48 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll

[2010-01-15 14:40:47 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll

[2010-01-15 14:40:47 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll

[2010-01-15 14:40:46 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll

[2010-01-15 14:40:46 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll

[2010-01-15 14:40:46 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll

[2010-01-15 14:40:45 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll

[2010-01-15 14:40:45 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll

[2010-01-15 14:40:45 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll

[2010-01-15 14:40:44 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll

[2010-01-15 14:40:44 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll

[2010-01-15 14:40:44 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll

[2010-01-15 14:40:43 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll

[2010-01-15 14:40:42 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll

[2010-01-15 14:40:42 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll

[2010-01-15 14:40:42 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll

[2010-01-15 14:40:41 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll

[2010-01-15 14:40:41 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll

[2010-01-15 14:40:41 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll

[2010-01-15 14:40:40 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll

[2010-01-15 14:40:40 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll

[2010-01-15 14:40:39 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll

[2010-01-15 14:40:38 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll

[2010-01-15 14:40:36 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll

[2010-01-15 14:40:36 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll

[2010-01-15 14:40:36 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll

[2010-01-15 14:40:35 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll

[2010-01-15 14:40:35 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll

[2010-01-15 14:40:34 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll

[2010-01-15 14:40:34 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll

[2010-01-15 14:40:33 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll

[2010-01-15 14:40:33 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll

[2010-01-15 14:40:33 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll

[2010-01-15 14:40:33 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll

[2010-01-15 14:40:32 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll

[2010-01-15 14:40:32 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll

[2010-01-15 14:40:28 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll

[2010-01-15 14:40:27 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll

[2010-01-15 14:40:27 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll

[2010-01-15 14:40:24 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll

[2010-01-15 14:40:23 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll

[2010-01-15 14:40:23 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll

[2010-01-15 14:40:22 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll

[2010-01-15 14:40:22 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll

[2010-01-15 14:40:22 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll

[2010-01-15 14:40:22 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll

[2010-01-15 14:40:22 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll

[2010-01-15 14:40:21 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll

[2010-01-15 14:40:21 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll

[2010-01-15 14:40:21 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll

[2010-01-15 14:40:20 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll

[2010-01-15 14:40:10 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll

[2010-01-15 14:40:09 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll

[2010-01-15 14:40:09 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll

[2010-01-15 14:40:09 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll

[2010-01-15 14:40:08 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll

[2010-01-15 14:40:08 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll

[2010-01-15 14:40:08 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll

[2010-01-15 14:40:07 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll

[2010-01-15 14:40:07 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll

[2010-01-15 14:40:03 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll

[2010-01-15 14:39:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\Logs

[2010-01-05 17:29:32 | 00,528,384 | ---- | C] (eJay Entertainment GmbH) -- C:\WINDOWS\System32\eJayxAudio.ax

[2010-01-05 17:29:32 | 00,348,160 | ---- | C] (eJay AG) -- C:\WINDOWS\System32\eJ_UniDialog.ocx

[2010-01-05 17:29:32 | 00,286,720 | ---- | C] (Ejay AG) -- C:\WINDOWS\System32\EjWaveEditorCtrl.ocx

[2010-01-05 17:29:32 | 00,236,032 | ---- | C] (Abysmal Software) -- C:\WINDOWS\System32\devil.dll

[2010-01-05 17:29:32 | 00,159,744 | ---- | C] (Dart Communications) -- C:\WINDOWS\System32\DartSock.dll

[2010-01-05 17:29:32 | 00,106,496 | ---- | C] (Dart Communications) -- C:\WINDOWS\System32\DartWeb.dll

[2010-01-05 17:29:32 | 00,100,864 | ---- | C] (zwei) -- C:\WINDOWS\System32\eJ_Explorer.ocx

[2010-01-05 17:29:32 | 00,077,824 | ---- | C] (eJay Entertainment GmbH) -- C:\WINDOWS\System32\eJ_Enumerator.dll

[2010-01-05 17:29:32 | 00,036,864 | ---- | C] (eJay) -- C:\WINDOWS\System32\eJayWMExport.dll

[2010-01-05 17:29:23 | 00,604,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCTL32.OCX

[2010-01-05 11:43:45 | 00,225,280 | ---- | C] (Propellerhead Software AB) -- C:\WINDOWS\System32\rewire.dll

[2010-01-05 11:43:31 | 01,554,944 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\WINDOWS\System32\vorbis.acm

[2010-01-05 11:42:55 | 00,000,000 | ---D | C] -- C:\Program Files\Image-Line

[2010-01-05 11:42:52 | 00,000,000 | ---D | C] -- C:\Program Files\Outsim

[2009-12-28 20:59:34 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\cache

[2009-12-28 20:45:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dane aplikacji\Nowe Gadu-Gadu

[2009-12-28 20:45:04 | 00,000,000 | ---D | C] -- C:\Program Files\Ganymede

[2009-12-26 23:28:31 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2009-12-26 23:28:27 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2009-12-26 23:28:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax

[2009-12-26 23:28:25 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2009-12-26 23:28:25 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2009-12-26 23:28:23 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2009-12-26 23:28:19 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2009-12-26 23:28:16 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2009-12-26 23:28:13 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2009-12-26 23:28:01 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax

[2009-12-26 23:28:01 | 00,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2009-12-26 23:28:01 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax

[2009-12-26 23:28:01 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2009-12-26 23:28:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2009-12-26 23:28:01 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax

[2009-12-26 23:27:59 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll

[2009-12-26 23:27:59 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll

[2009-12-26 23:27:59 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax

[2009-12-26 23:27:59 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2009-12-26 23:23:42 | 00,048,128 | ---- | C] (PixArt Imaging Incorporation) -- C:\WINDOWS\System32\Remove.exe

[2009-12-26 23:23:36 | 00,000,000 | ---D | C] -- C:\WINDOWS\PixArt

[2009-12-26 23:23:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PAC207

[2009-12-26 23:12:18 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations

[2009-12-25 22:04:59 | 00,000,000 | ---D | C] -- C:\Program Files\KM Wakeup

[2009-11-22 11:30:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-11-22 11:30:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Ustawienia lokalne\Dane aplikacji\Microsoft

[2009-11-22 11:25:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Dane aplikacji\Microsoft

[2009-11-22 11:25:39 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Dane aplikacji\Microsoft

[2006-11-20 09:01:08 | 00,163,840 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Common Files\AMCap.exe


[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]


[2010-01-19 11:06:53 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-01-19 11:06:50 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-01-19 11:06:09 | 02,621,440 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT

[2010-01-19 11:06:09 | 00,000,188 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini

[2010-01-19 10:29:34 | 00,002,013 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Steam.lnk

[2010-01-19 09:32:19 | 00,002,107 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Ventrilo.lnk

[2010-01-18 23:14:40 | 01,576,360 | -H-- | M] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\IconCache.db

[2010-01-18 14:07:42 | 00,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe

[2010-01-18 14:07:40 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE

[2010-01-18 13:56:45 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk

[2010-01-18 13:20:17 | 00,000,706 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol

[2010-01-17 17:21:22 | 00,000,659 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\Orange Free.lnk

[2010-01-16 15:54:42 | 00,000,626 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk

[2010-01-16 15:38:00 | 00,000,753 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Network Stumbler.lnk

[2010-01-15 12:00:08 | 00,000,807 | ---- | M] () -- C:\WINDOWS\win.ini

[2010-01-15 12:00:08 | 00,000,281 | RHS- | M] () -- C:\boot.ini

[2010-01-15 12:00:08 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010-01-12 23:09:00 | 03,395,532 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\System32\GameMon.des

[2010-01-11 18:07:29 | 00,117,640 | ---- | M] () -- C:\test.htm

[2010-01-08 19:04:57 | 00,013,754 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-12-29 22:31:28 | 00,304,160 | ---- | M] () -- C:\PA207.DAT

[2009-12-29 17:21:11 | 00,000,441 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\Gadu-Gadu.lnk

[2009-12-25 22:06:41 | 00,000,689 | ---- | M] () -- C:\Documents and Settings\Administrator\Pulpit\KM Wakeup.lnk


[color=#E56717]========== Files Created - No Company Name ==========[/color]


[2010-01-18 13:56:45 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk

[2010-01-17 17:21:22 | 00,000,659 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\Orange Free.lnk

[2010-01-16 15:54:42 | 00,000,626 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\mIRC.lnk

[2010-01-16 15:38:00 | 00,000,753 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Network Stumbler.lnk

[2010-01-05 17:29:32 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\eJayxQuell.ax

[2010-01-05 17:29:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\eJayxWaveDest.ax

[2010-01-05 17:29:32 | 00,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll

[2009-12-30 17:55:26 | 00,117,640 | ---- | C] () -- C:\test.htm

[2009-12-29 17:21:11 | 00,000,441 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\Gadu-Gadu.lnk

[2009-12-26 23:35:13 | 00,304,160 | ---- | C] () -- C:\PA207.DAT

[2009-12-26 23:23:42 | 00,000,472 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini

[2009-12-25 22:04:12 | 00,000,689 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\KM Wakeup.lnk

[2009-12-14 12:15:51 | 00,154,624 | ---- | C] () -- C:\WINDOWS\System32\zlib4.dll

[2009-12-09 20:07:08 | 00,064,200 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat

[2009-12-09 19:30:31 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys

[2009-11-22 12:26:51 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-11-22 12:18:24 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys

[2007-06-29 11:07:36 | 00,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini

[2004-08-04 13:00:00 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2004-08-04 13:00:00 | 00,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

< End of report >

P.S. I didn't post it on wklejto.pl because the site isn't working... I may change that later :slight_smile:
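For reading the file listings in the log above, here is an added example that is not part of the original post and is not OTL's own code: a small parser for the `[timestamp | size | attributes | C/M] (company) -- path` lines that lists loadable files with an empty company field as items to check by hand. The function names and the `LOADABLE` extension set are assumptions of this example; the sample lines are copied from the log.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# One OTL file-listing line: [timestamp | size | attributes | C/M] (company) -- path
# Directory entries carry no "(company)" group; files with no company name show "()".
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-RHSD]{4}) \| (?P<kind>[CM])\](?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)
# Assumption of this example: extensions that Windows can load or execute as code.
LOADABLE = {".exe", ".dll", ".sys", ".ax", ".ocx", ".acm"}

def parse_line(line):
    """Return a dict for a listing line, or None for headers, blanks and footers."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "time": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "is_dir": "D" in m["attrs"],
        "kind": "created" if m["kind"] == "C" else "modified",
        "company": m["company"],  # None for directories, "" when no name is reported
        "path": m["path"],
    }

def review_candidates(log_text):
    """Loadable files with an empty company field: items to review, not verdicts."""
    out = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is None or e["is_dir"] or e["company"] != "":
            continue
        if PureWindowsPath(e["path"]).suffix.lower() in LOADABLE:
            out.append(e)
    return out

# Sample input: lines copied from the log in the post above.
SAMPLE = r"""
[2010-01-05 17:29:32 | 00,077,824 | ---- | C] (eJay Entertainment GmbH) -- C:\WINDOWS\System32\eJ_Enumerator.dll
[2010-01-05 11:42:55 | 00,000,000 | ---D | C] -- C:\Program Files\Image-Line
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010-01-18 13:56:45 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Administrator\Pulpit\HijackThis.lnk
[2010-01-05 17:29:32 | 00,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll
[2009-12-09 19:30:31 | 00,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2009-11-22 12:18:24 | 00,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
< End of report >
"""
```

An empty company field only means the file reports no company name, so each listed path still needs to be matched against the software installed on the machine.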


(jessica) #6

The log is clean now.

Did that improve the situation?

If it did, then:

In OTL, click the "CleanUp" button - this will remove it along with its Quarantine.

Remove the copies of the malware from the "System Volume Information" folder by temporarily turning off "System Restore":

jessi


(Matejoos) #7

Thank you very much for the help.

Regards